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Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

• If the period for reply specified above is less than thirty (30} days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S. C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)^ Responsive to connmunication(s) filed on 17 March 2005 . 
2a)\3 This action is FINAL. 2b)[3 This action is non-final. 

3) n Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-30 is/are pending in the application, 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) ^ Claim(s) 1-30 is/are rejected. 
?)□ Claim(s) is/are objected to. 

8) n Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) n The specification is objected to by the Examiner. 

10) S The drawing(s) filed on 01 May 2001 is/are: a)^ accepted or b)n objected to by the Examiner. 

Applicant may not request that any objection to the drawlng(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) 0 The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) 0 Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)n All b)n Some * 0)0 None of: 

1 .D Certified copies of the priority documents have been received. 

2. n Certified copies of the priority documents have been received in Application No. . 

3. n Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

Response to Amendment 

1 . The following is a response to the amendments filed on 03/1 7/2005. 

Claim Rejections - 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102(e) that form 
the basis for the rejections under this section made in this Office action: 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

3. Claims 1-30 are rejected under 35 U.S.C. 102(e) as being anticipated by Strahm et al 
(U.S 5732214), hereinafter referred to as Strahm. 

Re claims 1,15, and 24, Strahm discloses Control Element (CE, figure 2, element 
206, source agent) sending the packet, encrypted in tuimel mode (the tunnel being 
configured by said source agent, paragraph [0032], lines 1-2) and Classifying Forwarding 
Element (CFE, figure 2, element 202, an endpoint of a tunnel) classifying the packet by 
checking if the packet is received from the same traffic stream or the security Association 
(SA) as previously received packets Classifying Forwarding Element (CFE, figure 2, 
element 202, an endpoint of a tunnel) (authentication logic configured to receive packets 
sent from a source agent to an endpoint of a tunnel and to determine whether aSAofa 
packet received corresponds to said source agent, paragraph [0032], lines 5-11). 
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Strahm discloses routing Internet Protocol security (IPsec) traffic based on the 
classification parameter (abstract, making a routing decision for each authenticated 
packet that is constrained based on the SA of the authenticated packet). Classification 
parameters include IPsec Security Parameter Index (SPI) information that is uniquely 
associated with a S A. Strahm discloses the CFE classifying the traffic it receives from 
the network for transmission to a destination, wherein this classifying involves load 
balancing and route optimization (paragraphs [0008] and [0009]). (selecting a routing 
destination for each authenticated packet, and routing the packet based on said routing . 
decision, abstract, lines 1-5). 

Re claim 2, Strahm discloses selecting the routing destination based on routing 
decision (paragraph [0009], lines 1-2). 

Re claims 3, 16, and 25, Strahm discloses Decrypting Forwarding Element (DFE) 
decrypting the received packet using the encryption or keys included in the SA 
{decapsulate received packets while SA of the packet is preserved, paragraph [0036], 
lines 1-5) and forwarding the packet to its next stop (contents of a payload of an 
authentication packet are routed to the selected routing destination, paragraph [0031], 
lines 1-9). 

Re claims 4 and 17, Strahm discloses processing Internet Protocol security (IPsec) 
traffic (abstract). 

Re claim 5, Strahm discloses public IPsec protocol (paragraph [0002]). 
Re claim 6, Strahm discloses communication with private network (paragraph 
[0027]). 
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Re claims 7, 8, 18 and 19, Strahm discloses routing or forwarding a packet to 
layer 3 device, router (paragraph [0031], lines 4-9). 

Re claims 9, 10, 20 and 21, Strahm discloses forwarding a packet to layer 2 
device, switch (paragraph [0031], lines 4-9). 

Re claims 1 1 and 22, Strahm discloses a switch forwarding network traffic based 
on information included in the second layer of OSI networking model and discloses 
sending a packet in a turmel mode through a virtual private network gateway. 

Re claims 12 and 23, Strahm discloses a data layer link device forwarding 
network traffic based on information included in the second layer of OSI networking 
model (paragraph [0024], lines 9-12). 

Re claims 13 and 14, Strahm discloses making routing decision based on Security 
Parameter Index (SPI, authentication ID) associated with a SA (making routing decision 
without regard to the contents of a payload of the packet, figure lb; paragraph [0010], 
lines 1-7). 

Re claims 26, 28 and 29, Strahm discloses receiving a packet at a turmel endpoint, 
authenticating the packet (paragraph [0032], lines 5-1 1), preserving a SA of the packet as 
an authentication ID and based on the classification parameter (abstract), making routing 
decision of routing Internet Protocol security (IPsec) traffic by looking up the 
authentication ID in a table to determine a destination IP address to which the packet is to 
be routed {making routing decision based on Security Parameter Index (SPI, 
authentication ID) associated with a SA (paragraph [0010], lines 1-7). 
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Re claim 27, Strahm discloses making routing decision without regard to an 
internal destination address contained within a payload of the packet (packets are sent in 
transport mode to other network device that is not the packet's ultimate destination, 
paragraph [0019]). 

Re claim 30, it is inherent in IP that a packet addressed to 255.255.255.255 is 
used to indicate that an IP packet is an IP broadcast (broadcasting a packet to all IP 
addresses found in the table that pertain to a given destination). 



Response to Arguments 

4. Applicant's arguments filed on 3/17/05 have been fully considered but they are not 
persuasive. 

On page 12 the Applicant argues that Strahm' s CFE does not comprise decision 
logic configured to make a routing decision for each authenticated packet that is 
constrained based on the security association of the authenticated packet. The Examiner 
respectfiilly disagrees. Strahm discloses the CFE classifying the traffic it receives from 
the network for transmission to a destination, wherein this classifying involves load 
balancing and route optimization that involves making a routing decision for each 
authenticated packet (paragraph [0009]). Therefore, the Examiner concludes that the 
rejection of claims 1-25 stands rejected. 
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Conclusion 

5. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

• US 2001/0009025 to Ahonen discloses secure communication method in VPN 

• US 2002/0062344 to Ylonen et al. discloses secure tunneling of data between virtual 
routers 

6. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Hong Cho whose telephone number is 571-272-3087, 
The examiner can normally be reached on Mon-Fri during 7 am to 4 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Hassan Kizou can be reached on 571-272-3088. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-3088. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. Status 
information for impublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electr^ic Busy 
Center (EBC) at 866-2 1 7-9 1 97 (toll-free). 
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